Skip to main content
POST
/
webhooks
/
{id}
/
toggle
Toggle webhook
curl --request POST \
  --url https://api.sevalla.com/v3/webhooks/{id}/toggle \
  --header 'Authorization: Bearer <token>'
{
  "id": "fb5e5168-4281-4bec-94c5-0d1584e9e657",
  "company_id": "fb5e5168-4281-4bec-94c5-0d1584e9e657",
  "is_enabled": true,
  "allowed_events": [
    "APP_DEPLOY",
    "APP_CREATE"
  ],
  "secret": "whsec_abc123...",
  "old_secret": null,
  "old_secret_expired_at": null,
  "endpoint": "https://example.com/webhooks",
  "description": "Production deploy notifications",
  "created_by": "fb5e5168-4281-4bec-94c5-0d1584e9e657",
  "updated_by": null,
  "created_at": "2025-01-30T00:00:00.000Z",
  "updated_at": "2025-01-30T00:00:00.000Z"
}

Authorizations

Authorization
string
header
required

API key authentication. Pass your API key as a Bearer token in the Authorization header.

Path Parameters

id
string<uuid>
required

Webhook identifier

Pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
Example:

"fb5e5168-4281-4bec-94c5-0d1584e9e657"

Response

Default Response

id
string<uuid>
required

Unique identifier for the webhook

Pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
Example:

"fb5e5168-4281-4bec-94c5-0d1584e9e657"

company_id
string<uuid>
required

Identifier of the company that owns this webhook

Pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
Example:

"fb5e5168-4281-4bec-94c5-0d1584e9e657"

is_enabled
boolean
required

Whether the webhook is currently active and receiving events

Example:

true

allowed_events
enum<string>[]
required

List of event types this webhook subscribes to. APP_CREATE - application created. APP_UPDATE - application updated. APP_DELETE - application deleted. APP_DEPLOY - application deployed. DATABASE_CREATE - database created. DATABASE_UPDATE - database updated. DATABASE_DELETE - database deleted. STATIC_SITE_CREATE - static site created. STATIC_SITE_UPDATE - static site updated. STATIC_SITE_DELETE - static site deleted. STATIC_SITE_DEPLOY - static site deployed.

Available options:
APP_CREATE,
APP_UPDATE,
APP_DELETE,
APP_DEPLOY,
DATABASE_CREATE,
DATABASE_UPDATE,
DATABASE_DELETE,
STATIC_SITE_CREATE,
STATIC_SITE_UPDATE,
STATIC_SITE_DELETE,
STATIC_SITE_DEPLOY
Example:
["APP_DEPLOY", "APP_CREATE"]
secret
string
required

Webhook signing secret used to verify event payloads. Prefixed with whsec_.

Example:

"whsec_abc123..."

old_secret
string | null
required

Previous signing secret, available temporarily after rolling the secret to allow graceful migration

Example:

null

old_secret_expired_at
string<date-time> | null
required

Timestamp when the old secret expires, in ISO 8601 format. Null if no old secret exists.

Pattern: ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
Example:

null

endpoint
string<uri>
required

URL where webhook events are delivered via HTTP POST

Example:

"https://example.com/webhooks"

description
string | null
required

Optional human-readable description for the webhook

Example:

"Production deploy notifications"

created_by
string
required

Identifier of the API key that created the webhook

Example:

"fb5e5168-4281-4bec-94c5-0d1584e9e657"

updated_by
string | null
required

Identifier of the API key that last updated the webhook

Example:

null

created_at
string<date-time>
required

Timestamp when the webhook was created, in ISO 8601 format

Pattern: ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
Example:

"2025-01-30T00:00:00.000Z"

updated_at
string<date-time>
required

Timestamp when the webhook was last modified, in ISO 8601 format

Pattern: ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
Example:

"2025-01-30T00:00:00.000Z"